
Contact
Prof. Dr. Christoph Meinel
Hasso-Plattner-Institut
an der Universität Potsdam
Tel: +49 0331/5509-222
Fax: +49 0331/5509-325
Mobil: +49 176 10010727
meinel"at"hpi.uni-potsdam.de
Getting from abstract security requirements to a secure SOA is the central challenge of model-driven security. To configure security consistently across multiple systems in an SOA, dependencies and contradictions between different requirements need to be taken into consideration. Therefore, a conceptual security model has been developed that enables the description of security policies as a set of abstract security intentions, which can be translated automatically into concrete security policies (e.g. WS-Policy).
From System Design Models to SOA Security Policies
Service-oriented Architectures (SOA) facilitate the provision and orchestration of business services to enable faster adaptation to changing business demands. The usage of services in different and changing security contexts requires a dynamic adaptation of security mechanisms and requirements.
To facilitate and simplify the generation of enforceable security policies, we foster a model-driven approach based on the modelling of security intentions in system design models. These security intentions are translated to a security meta-model for SOA that is used to generate Web Service policies.

- Fig. 1: Model-driven Security Engineering in SOA
A security design language for SOA
Our security design language SecureSOA enables the definition and formal verification of security intentions in any system design language. As a proof of concept, we integrated SecureSOA in Fundamental Modelling Concept (FMC) Block Diagrams.

- Fig. 2: FMC enhanced with SecureSOA
Pattern-driven generation of security policies
To generate security configurations based on modelled security intentions, a transformation is performed using security patterns. These patterns provide expert knowledge to determine an appropriate strategy to secure services and resources.

- Fig. 3: Security Patterns for SOA
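A minimal sketch of the pattern-driven step described above, added here as an illustration and not SecureSOA's own code. The intention names, the `via_intermediary` flag, the contradiction table and the two patterns are assumptions made for this example; only the WS-Policy and WS-SecurityPolicy element names and namespaces are real.

```python
import xml.etree.ElementTree as ET

WSP = "http://www.w3.org/ns/ws-policy"
SP = "http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
ET.register_namespace("wsp", WSP)
ET.register_namespace("sp", SP)

# Constructed for this example: intentions that cannot hold together.
CONTRADICTIONS = [({"anonymity", "user_authentication"},
                   "caller cannot be both anonymous and identified")]

def _sp(parent, name):
    return ET.SubElement(parent, f"{{{SP}}}{name}")

def _nested_policy(parent):
    return ET.SubElement(parent, f"{{{WSP}}}Policy")

def transport_pattern(all_, intentions):
    # Point-to-point channel: TLS provides confidentiality and integrity together.
    token = _sp(_nested_policy(_sp(all_, "TransportBinding")), "TransportToken")
    _sp(_nested_policy(token), "HttpsToken")

def message_pattern(all_, intentions):
    # An intermediary terminates the transport, so protect the SOAP body itself.
    # Only the protection assertions are emitted; the security binding that a
    # deployable policy also carries is outside the scope of this example.
    if "integrity" in intentions:
        _sp(_sp(all_, "SignedParts"), "Body")
    if "confidentiality" in intentions:
        _sp(_sp(all_, "EncryptedParts"), "Body")

def generate_policy(intentions, via_intermediary):
    """Check intentions for contradictions, pick a pattern, emit WS-Policy XML."""
    intentions = set(intentions)
    for pair, reason in CONTRADICTIONS:
        if pair <= intentions:
            raise ValueError(f"contradictory intentions {sorted(pair)}: {reason}")
    policy = ET.Element(f"{{{WSP}}}Policy")
    exactly_one = ET.SubElement(policy, f"{{{WSP}}}ExactlyOne")
    all_ = ET.SubElement(exactly_one, f"{{{WSP}}}All")
    if intentions & {"confidentiality", "integrity"}:
        pattern = message_pattern if via_intermediary else transport_pattern
        pattern(all_, intentions)
    if "user_authentication" in intentions:
        _sp(_nested_policy(_sp(all_, "SupportingTokens")), "UsernameToken")
    return ET.tostring(policy, encoding="unicode")

if __name__ == "__main__":
    print(generate_policy({"confidentiality", "user_authentication"}, True))
```

The same intention yields a different concrete policy depending on the deployment context, which is the decision the patterns encode.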
Further Information
- Michael Menzel, Robert Warschofsky, Ivonne Thomas, Christian Willems, Christoph Meinel: The Service Security Lab: A Model-Driven Platform to Compose and Explore Service Security in the Cloud. Proceedings of the 2010 IEEE World Congress on Services (Services 2010), pp. 115-122, Miami, USA, July 2010.
- Michael Menzel, Robert Warschofsky, Christoph Meinel: A Pattern-Driven Generation of Security Policies for Service-Oriented Architectures. Proceedings of the 2010 IEEE International Conference on Web Services (ICWS 2010), pp. 243-250, Miami, USA, July 2010.
- Michael Menzel, Christoph Meinel: SecureSOA - Modelling Security Requirements for Service-oriented Architectures. Proceedings of the 2010 IEEE International Conference on Services Computing (SCC 2010), pp. 146-153, Miami, USA, July 2010.
- Michael Menzel, Christoph Meinel: A Security Meta-Model for Service-Oriented Architectures. Proceedings of the IEEE Conference on Service Computing (SCC 2009), Bangalore, India, September 2009.
Proof of Concept
Visit the project page of our Service Security Lab.
Contact
Robert Warschofsky
Hasso-Plattner-Institut für Softwaresystemtechnik
Prof.-Dr.-Helmert-Str. 2-3
D-14482 Potsdam, Germany
Tel: +49(0)331/5509-222
Fax: +49(0)331/5509-325
Email: robert.warschofsky"at"hpi.uni-potsdam.de










